Brian Krebs reported that Adobe Systems Inc. said it plans to issue a patch to fix a zero-day vulnerability in its Flash Player software that is reportedly being exploited in active attacks. The flaw was disclosed publicly over the weekend after hackers broke into and posted online hundreds of gigabytes of data from Hacking Team, a controversial Italian company that’s long been accused of helping repressive regimes spy on dissident groups. For more information visit HERE.
Ken Westin, Senior Security Analyst for Tripwire (www.tripwire.com):
“The market for zero day vulnerabilities is alive and well and as the Hacking Team breach has revealed is also highly profitable. As many governments move to try and control malware and offensive security tools, some have been caught with their own hands in the cookie jar, leading many to wonder how and why governments and agencies listed as Hacking Team clients are using these tools and if they are doing so lawfully. Given the depth and amount of data compromised in this breach, it will reveal a great deal about the market for offensive tools designed for espionage with a great deal of fallout and embarrassment for some organizations.[su_box title=”About Tripwire” style=”noise” box_color=”#336588″]
Tripwire, Inc., a global provider of risk-based security and compliance management solutions, today announced Tripwire® Enterprise™ version 8.3 featuring a new, stand-alone Policy Manager™. Tripwire Policy Manager provides the detailed visibility into system configurations critical to minimizing security risks and ensuring compliance.[/su_box]
Ken Westin, Director, Security Strategy at Cybereason
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.